<?php
/* -------------------------------------------------------------------------------------
* 	ID:						$Id: create_account.php 31 2013-09-21 11:54:34Z phone.mueller@googlemail.com $
* 	Letzter Stand:			$Revision: 31 $
* 	zuletzt geaendert von:	$Author: siekiera $
* 	Datum:					$Date: 2013-09-21 11:54:34 +0000 (Sat, 21 Sep 2013) $
*
* 	SEO:mercari by Siekiera Media
* 	http://www.seo-mercari.de
*
* 	Copyright (c) since 2011 SEO:mercari
* --------------------------------------------------------------------------------------
* 	based on:
* 	(c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
* 	(c) 2002-2003 osCommerce - www.oscommerce.com
* 	(c) 2003     nextcommerce - www.nextcommerce.org
* 	(c) 2005     xt:Commerce - www.xt-commerce.com
*
* 	Released under the GNU General Public License
* ----------------------------------------------------------------------------------- */

require ('includes/application_top.php');
require_once (DIR_FS_INC.'inc.encrypt_password.php');
require_once (DIR_FS_CATALOG.DIR_WS_CLASSES.'class.phpmailer.php');
require_once (DIR_FS_INC.'inc.create_password.php');
require_once (DIR_FS_INC.'inc.get_geo_zone_code.php');
require_once (DIR_FS_INC.'inc.php_mail.php');

require(DIR_FS_CATALOG.DIR_WS_CLASSES.'class.input_fields.php');

$field = new input_fields('create_account', $_POST);

$gender_male = $field->getField('gender', 'm');
$gender_female = $field->getField('gender', 'f');
$title = $field->getField('title', '', 'size="6"');
$firstname = $field->getField('firstname');
$lastname = $field->getField('lastname');
$dob = $field->getField('dob');
$email_address = $field->getField('email');
$company = $field->getField('company');
$vat = $field->getField('vat');
$street_address = $field->getField('street_address', '', 'size="21" class="create_account_street"');
$street_address_num = $field->getField('street_address_num', '', 'size="3" class="create_account_street_num"');
$suburb = $field->getField('suburb');
$postcode = $field->getField('postcode', '', 'size="5"  class="create_account_postcode"');
$city = $field->getField('city', '', 'size="19" class="create_account_city"');
$zone_id = $field->getField('state', '', 'class="create_account_state"');
$country = $field->getField('country', '', 'class="create_account_state" id="country"');
$telephone = $field->getField('telephone');
$fax = $field->getField('fax');
$password = $field->getField('password', (!empty($_POST['password']) ? $_POST['password'] : RandomString(12)));
$confirmation = $field->getField('confirmation');
$newsletter = $field->getField('newsletter', '1');

$smarty = new Smarty;

$customers_statuses_array = get_customers_statuses();

if($_GET['action'] == 'process' && $field->error != 'true') {

	if (!$field->post['newsletter'])
		$newsletter = 0;
	
	$firstname = (!empty($field->post['title']) ? $field->post['title'].' ' : '' ).$field->post['firstname'];
	
	$customers_mail_comments = $_POST['mail_comments'];

	$payment_unallowed = $_POST['payment_unallowed'];
	$shipping_unallowed = $_POST['shipping_unallowed'];

	if ($customers_password == '')
		$customers_password = RandomString(6);
		
	$error = false;

	$check_email = $db->db_query("SELECT customers_email_address from ".TABLE_CUSTOMERS." WHERE customers_email_address = ".$db->db_prepare($customers_email_address)." and customers_id <> ".$db->db_prepare($customers_id));
	if ($check_email->_numOfRows) {
		$error = true;
		$entry_email_address_exists = true;
	} else
		$entry_email_address_exists = false;

	if ($error == false) {
		$sql_data_array = array('customers_vat_id' => $field->post['vat'],
								'customers_vat_id_status' => $field->customers_vat_id_status,
								'customers_status' => $field->customers_status,
								'customers_firstname' => $firstname,
								'customers_lastname' => $field->post['lastname'],
								'customers_email_address' => $field->post['email'],
								'customers_telephone' => $field->post['telephone'],
								'customers_fax' => $field->post['fax'],
								'customers_password' => encrypt_password($field->post['password']),
								'customers_date_added' => 'NOW()',
								'customers_last_modified' => 'NOW()',
								'payment_unallowed' => $payment_unallowed,
								'shipping_unallowed' => $shipping_unallowed);

		if (!empty($field->post['gender']))
			$sql_data_array['customers_gender'] = $field->post['gender'];
			
		if (!empty($field->post['dob']))
			$sql_data_array['customers_dob'] = date_raw($field->post['dob']);

		require(DIR_FS_INC.'inc.new_customer_id.php');
		
		$sql_data_array['customers_cid'] = ($_POST['csID']!=''?$_POST['csID']:new_customer_id());

		$db->db_perform(TABLE_CUSTOMERS, $sql_data_array);

		$cc_id = $db->db_insert_id();

		$sql_data_array = array('customers_id' => $cc_id,
								'entry_firstname' => $firstname,
								'entry_lastname' => $field->post['lastname'],
								'entry_street_address' => $field->post['street_address'].' '.$field->post['street_address_num'],
								'entry_postcode' => $field->post['postcode'],
								'entry_city' => $field->post['city'],
								'entry_country_id' => $field->post['country'],
								'address_date_added' => 'NOW()',
								'address_last_modified' => 'NOW()');

		if (!empty($field->post['gender']))
			$sql_data_array['entry_gender'] = $field->post['gender'];
		if (!empty($field->post['company']))
			$sql_data_array['entry_company'] = $field->post['company'];
		if (!empty($suburb))
			$sql_data_array['entry_suburb'] = $field->post['suburb'];

		$sql_data_array['entry_state'] = $field->post['state'];

		$db->db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);

		$address_id = $db->db_insert_id();

		$db->db_query("UPDATE 
							".TABLE_CUSTOMERS." 
						SET 
							customers_default_address_id = '".$address_id."' 
						WHERE 
							customers_id = '".$cc_id."'");

		$db->db_query("INSERT INTO 
							".TABLE_CUSTOMERS_INFO." 
							(customers_info_id, 
							customers_info_number_of_logons, 
							customers_info_date_account_created) 
						VALUES 
							('".$cc_id."', '0', NOW())");


		if(($_POST['customers_mail'] == 'yes')) {

			$smarty->assign('language', $_SESSION['language']);
			$smarty->caching = false;

			$smarty->template_dir = DIR_FS_CATALOG.'templates';
			$smarty->compile_dir = DIR_FS_CATALOG.'templates_c';
			$smarty->config_dir = DIR_FS_CATALOG.'lang';

			$smarty->assign('tpl_path', 'templates/'.CURRENT_TEMPLATE.'/');
			$smarty->assign('logo_path', HTTP_SERVER.DIR_WS_CATALOG.DIR_WS_IMAGES);

			$smarty->assign('NNAME', $field->post['lastname']);
			$smarty->assign('USERNAME4MAIL', $field->post['email']);
			$smarty->assign('PASSWORT4MAIL', $field->post['password']);
			$smarty->assign('GENDER', $field->post['gender']);
			$smarty->assign('STORE_URL', HTTP_SERVER);
			$smarty->assign('STORE_NAME', STORE_NAME);

			require_once (DIR_FS_INC.'inc.get_mail_body.php');
			$smarty->caching = false;
			$html_mail = $smarty->fetch('html:create_account_admin');
			$html_mail .= $signatur_html;
			$smarty->caching = false;
			$txt_mail = $smarty->fetch('txt:create_account_admin');
			$txt_mail .= $signatur_text;
			require_once (DIR_FS_INC.'inc.get_mail_data.php');
			$mail_data = get_mail_data('create_account_admin');

			$html_mail = str_replace('{#support_mail_address#}', $mail_data['EMAIL_REPLAY_ADDRESS'], $html_mail);
			$txt_mail = str_replace('{#support_mail_address#}', $mail_data['EMAIL_REPLAY_ADDRESS'], $txt_mail);

			php_mail($mail_data['EMAIL_ADDRESS'],
					$mail_data['EMAIL_ADDRESS_NAME'],
					$field->post['email'],
					$firstname.' '.$field->post['lastname'],
					$mail_data['EMAIL_FORWARD'],
					$mail_data['EMAIL_REPLAY_ADDRESS'],
					$mail_data['EMAIL_REPLAY_ADDRESS_NAME'],
					'',
					'',
					$mail_data['EMAIL_SUBJECT'],
					$html_mail,
					$txt_mail);

		}
		redirect(href_link(FILENAME_CUSTOMERS, 'cID='.$cc_id, 'SSL'));
	}
}
require(DIR_WS_INCLUDES.'metatag.php'); ?>
</head>
<body>
<?php require(DIR_WS_INCLUDES.'header.php'); ?>
<div id="wrapper">
<table class="outerTable">
	<tr>
    	<td class="columnLeft2" width="<?php echo BOX_WIDTH; ?>" valign="top">
			<?php require(DIR_WS_INCLUDES.'column_left.php'); ?>
		</td>
    	<td class="boxCenter" valign="top">
    		<?php echo draw_form('customers', FILENAME_CREATE_ACCOUNT, get_all_get_params(array('action')).'action=process', 'POST', 'onSubmit="return check_form();"').draw_hidden_field('default_address_id', $customers_default_address_id); ?>
	    	<table border="0" width="100%" cellspacing="0" cellpadding="6">
		      	<tr>
		        	<td colspan="3">
		        		<table class="table_pageHeading" border="0" width="100%" cellspacing="0" cellpadding="0">
			   				<tr>
			     				<td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
							</tr>
						</table>
		        	</td>
		      	</tr>
		      	<tr>
		      		<td colspan="3" align="right" class="inputRequirement">alle mit * markierten Felder sind unter "<a href="input_fields.php?<?php echo getMenuID('input_fields'); ?>">Eingabefelder</a>" definiert.</td>
		      	</tr>
		      	<tr>
		        	<td width="48%">
		        		<table cellspacing="0" cellpadding="10" class="formArea" width="100%">
		        			<tr>
		        				<td class="formAreaTitle"><?php echo CATEGORY_PERSONAL; ?></td>
		        			</tr>
							<?php if ($gender_male != '') { ?>
		          				<tr>
		            				<td class="main" width="40%"><?php echo ENTRY_GENDER; ?></td>
		            				<td class="main">
		            					<?php
											echo MALE.' '.$gender_male.'<br />';
											echo FEMALE.' '.$gender_female;
										?>
									</td>
		          				</tr>
							<?php } ?>
		          			<tr>
		            			<td class="main"><?php echo ENTRY_CID; ?></td>
		            			<td class="main">
		            				<?php
										echo draw_input_field('csID', $_POST['csID'], 'maxlength="32"');
									?>
								</td>
		          			</tr>
		          			<tr>
		            			<td class="main"><?php echo ENTRY_FIRST_NAME; ?></td>
		            			<td class="main"><?php echo $firstname; ?></td>
		          			</tr>
		          			<tr>
		            			<td class="main"><?php echo ENTRY_LAST_NAME; ?></td>
		            			<td class="main"><?php echo $lastname; ?></td>
		          			</tr>
							<?php if ($dob != '') { ?>
			          			<tr>
			            			<td class="main"><?php echo ENTRY_DATE_OF_BIRTH; ?></td>
			            			<td class="main"><?php echo $dob ?></td>
			          			</tr>
							<?php } ?>
		          			<tr>
		            			<td class="main last_td"><?php echo ENTRY_EMAIL_ADDRESS; ?></td>
		            			<td class="main last_td"><?php echo $email_address; ?></td>
		          			</tr>
		        		</table>
		        	</td>
		        	<td width="2%">&nbsp;</td>
	     			<?php if ($company != '') { ?>
		        		<td valign="top">
		        			<table border="0" cellspacing="0" cellpadding="10" class="formArea" width="100%">
		        				<tr>
		        					<td class="formAreaTitle" colspan="2"><?php echo CATEGORY_COMPANY; ?></td>
		        				</tr>
		          				<tr>
		            				<td class="main" width="40%"><?php echo ENTRY_COMPANY; ?></td>
		            				<td class="main"><?php echo $company; ?>
									</td>
								</tr>
								<?php if ($vat != '') { ?>
		          				<tr>
		           					<td class="main last_td"><?php echo ENTRY_VAT_ID; ?></td>
									<td class="main last_td">
		            					<?php echo $vat; ?>
									</td>
		          				</tr>
								<?php } ?>
		        			</table>
		        		</td>
					<?php } ?>
				</tr>
	      		<tr>
	        		<td width="48%">
	        			<table cellspacing="0" cellpadding="10" class="formArea" width="100%">
	        				<tr>
	        					<td colspan="2" class="formAreaTitle"><?php echo CATEGORY_ADDRESS; ?></td>
	        				</tr>
	          				<tr>
	            				<td class="main" width="40%"><?php echo ENTRY_STREET_ADDRESS; ?></td>
	            				<td class="main"><?php echo $street_address; ?></td>
	          				</tr>
	          				<tr>
	            				<td class="main" width="40%">Hausnummer:</td>
	            				<td class="main"><?php echo $street_address_num; ?></td>
	          				</tr>
							<?php if ($suburb !='') { ?>
		          				<tr>
		            				<td class="main"><?php echo ENTRY_SUBURB; ?></td>
	            					<td class="main"><?php echo $suburb; ?></td>
		          				</tr>
							<?php } ?>
	          				<tr>
	           					<td class="main"><?php echo ENTRY_POST_CODE; ?></td>
	            				<td class="main"><?php echo $postcode; ?></td>
	          				</tr>
	          				<tr>
	            				<td class="main"><?php echo ENTRY_CITY; ?></td>
	            				<td class="main"><?php echo $city; ?></td>
	          				</tr>
	          				<?php if(!empty($zone_id)) { ?>
	          				<tr>
	            				<td class="main"><?php echo ENTRY_STATE; ?></td>
	            				<td class="main"><?php echo $zone_id; ?></td>
	         				</tr>
	         				<?php 
	         					} 
	         					if(!empty($country)) {
	         				?>
	          				<tr>
	            				<td class="main last_td"><?php echo ENTRY_COUNTRY; ?></td>
	            				<td class="main last_td"><?php echo $country; ?></td>
	          				</tr>
	          				<?php } ?>
	        			</table>
	        		</td>
	      			<td width="2%">&nbsp;</td>
	      			<?php if($telephone !='') { ?>
	        		<td valign="top">
	        			<table cellspacing="0" cellpadding="10" class="formArea" width="100%">
	        				<tr><td class="formAreaTitle"><?php echo CATEGORY_CONTACT; ?></td></tr>
	        				<?php if(!empty($telephone)) { ?>
	          				<tr>
	            				<td class="main"><?php echo ENTRY_TELEPHONE_NUMBER; ?></td>
	            				<td class="main"><?php echo $telephone; ?></td>
	          				</tr>
	          				<?php 
	          				} 
	      					if(!empty($fax)) {
	          				?>
	          				<tr>
	            				<td class="main last_td"><?php echo ENTRY_FAX_NUMBER; ?></td>
	            				<td class="main last_td"><?php echo $fax; ?></td>
	          				</tr>
	          				<?php } ?>
	        			</table>
	        		</td>
	        		<?php } ?>
	      		</tr>
	      		<tr>
	        		<td valign="top" colspan="3">
	        			<table cellspacing="0" cellpadding="10" class="formArea" width="100%">
	        				<tr>
	        					<td class="formAreaTitle" colspan="2"><?php echo CATEGORY_OPTIONS; ?></td>
	      					</tr>
	          				<tr>
	            				<td class="main" width="30%"><?php echo ENTRY_CUSTOMERS_STATUS; ?></td>
	            				<td class="main">
	            					<?php
										if ($processed == true)
											echo draw_hidden_field('status');
										else
											echo draw_pull_down_menu('status', $customers_statuses_array, ($customers_status_c !='' ? $customers_status_c : '2'));
									?>
								</td>
	          				</tr>
	          				<tr>
	            				<td class="main"><?php echo ENTRY_MAIL; ?></td>
	            				<td class="main">
									<?php
										if($field->error == 'true') {
											if ($entry_mail_error == true)
												echo draw_radio_field('customers_mail', 'yes', true, $customers_send_mail).'&nbsp;&nbsp;'.YES.'&nbsp;&nbsp;'.draw_radio_field('customers_mail', 'no', false, $customers_send_mail).'&nbsp;&nbsp;'.NO.'&nbsp;'.ENTRY_MAIL_ERROR;
											else {
												echo ($customers_gender == 'm') ? YES : NO;
												echo draw_radio_field('customers_mail', 'yes', true, $customers_send_mail).'&nbsp;&nbsp;'.YES.'&nbsp;&nbsp;'.draw_radio_field('customers_mail', 'no', false, $customers_send_mail).'&nbsp;&nbsp;'.NO;
											}
										} else
											echo draw_radio_field('customers_mail', 'yes', true, $customers_send_mail).'&nbsp;&nbsp;'.YES.'&nbsp;&nbsp;'.draw_radio_field('customers_mail', 'no', false, $customers_send_mail).'&nbsp;&nbsp;'.NO;
									?>
								</td>
	          				</tr>
	          				<tr>
	            				<td class="main"><?php echo ENTRY_PAYMENT_UNALLOWED; ?></td>
	            				<td class="main"><?php echo draw_input_field('payment_unallowed', $_POST['payment_unallowed']); ?></td>
	          				</tr>
	           				<tr>
	            				<td class="main"><?php echo ENTRY_SHIPPING_UNALLOWED; ?></td>
	            				<td class="main"><?php echo draw_input_field('shipping_unallowed', $_POST['shipping_unallowed']); ?></td>
	          				</tr>
	          				<tr>
	            				<td class="main"><?php echo ENTRY_PASSWORD; ?></td>
	            				<td class="main"><?php echo $password; ?></td>
							</tr>
	        			</table>
	        		</td>
	      		</tr>
	      		<tr>
	        		<td align="right" colspan="3">
	        			<?php
	        				echo '<input type="submit" class="button" onclick="this.blur();" value="'.BUTTON_INSERT.'">
	        				<a class="button" onclick="this.blur();" href="'.href_link(FILENAME_CUSTOMERS, get_all_get_params(array('action'))) .'">'.BUTTON_CANCEL.'</a>';
	        			?>
	        		</td>
	      		</tr>
			</table>
		</form>
	</td>
</tr>
</table>
</div>
<?php require(DIR_WS_INCLUDES.'footer.php'); ?>
</body>
</html>
<?php require(DIR_WS_INCLUDES.'application_bottom.php'); ?>